[exim] Re : Re : Exim as an external filter : how to check r…

Page principale
Ce message fait partie du fil suivant :
MArborescence complète du fil triée par date
M 
Christian Gregoire à ->
Supprimer ce message
Répondre à ce message
Auteur: Christian Gregoire
Date:  
À: Graeme Fowler, exim-users
Anciens-sujets: Re: [exim] Re : Exim as an external filter : how to check recipient address existence
Nouveaux-sujets: [exim] Re : Re : Re : Exim as an external filter : how to check recipient address existence
Sujet: [exim] Re : Re : Exim as an external filter : how to check recipient address existence
>> Actually, the MX of the recipient's domain is my platform :
>>
>> INTERNET -----> MY PLATFORM -----> REMOTE SERVER
>>
>> so I guess a callout verification wouldn't work, because Exim would ask
>itself.
>>
>> Am I right ?

>No.

>Your platform (the MX layer) already has knowledge of where mail to
>recipient A in domain B must be routed. You can test at this point using
>a recipient callout - a call forward, if you will - which will use that
>routing information to pass the recipient data to the remote server.

>I do this for a number of what I call "filter" domains, in this way:

># global setting 

>domainlist filter_domains      = lsearch;/etc/exim/filterdomains

># In the RCPT ACL: 

>warn domains = +filter_domains:+relay_to_domains
>    !verify = recipient/callout=30s,defer_ok,no_cache,use_sender
>    set acl_m_VER = REJ--RR6: $acl_verify_message
 

>deny message = Recipient verification failed.
>    condition = ${if !eq{$acl_m_VER}{}}
 

># the router
>filter_domains:
>  driver = manualroute
>  domains = +filter_domains
>  transport = filter_domains_remote_smtp
>  route_list = $domain \
>              ${lookup{$domain}lsearch{/etc/exim/filterdomains}}
>  no_more

># the transport
>filter_domains_remote_smtp:
> driver = smtp


>...and that's it. The $acl_m_VER part is a little more complex than you
>might require because there are several reasons why a recipient address
>might fail to verify, and I only want one place where I reject them (the
>actual ACL section is more complex than that I have shown).

>The filterdomains file is of the form:

>domain: hostname1:hostname2:hostname3

>Graeme

Thanks for the reply Graeme.

But actually, I don't see where, in your ACL, Exim could retrieve the remote
hostnames specified in the filterdomains file. I've pasted your ACL piece of
code in my configuration file and when I run tcpdump, I clearly see at the RCPT
TO stage that Exim is connecting to the MX of the recipient domain, nowhere
else. Am I missing something ? 

[root@localhost conf]# cat filterdomains 
liveo.fr:       193.108.197.238


[root@localhost conf]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 localhost.localdomain ESMTP Exim 4.76 Fri, 02 Sep 2011 13:45:10 -0700
ehlo to
250-localhost.localdomain Hello localhost [127.0.0.1]
250-SIZE 52428800
250-PIPELINING
250-AUTH LOGIN
250 HELP
mail from:<cg@???>
250 OK
rcpt to:<sdrvzer@???>
550 Recipient verification failed.


13:45:30.083009 IP 192.168.1.150.48282 > h13.cornut.fr.smtp: S
2039586264:2039586264(0) win 5840 <mss 1460,sackOK,timestamp 2213943
0,nop,wscale 7>
13:45:30.127048 IP h13.cornut.fr.smtp > 192.168.1.150.48282: S
1376330236:1376330236(0) ack 2039586265 win 5840 <mss 1420>
13:45:30.127231 IP 192.168.1.150.48282 > h13.cornut.fr.smtp: . ack 1 win 5840
13:45:30.169798 IP h13.cornut.fr.smtp > 192.168.1.150.48282: P 1:73(72) ack 1
win 5840
[...]

Ce message a été envoyé sur les listes de diffusion suivantes :
Exim-users
Informations sur la liste de diffusion | Messages voisins		<-Re: [exim] delaying inbound messages[exim] Cannot send mail to gmail.com after reconfigure Exim 4.76?->
Tahini and Hummus and Cumin Development Archives administré par cumin AdminsLurker (version 2.3)